package com.itqf.controller;

import com.itqf.utils.R;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @Description:
 * @Company: 千锋互联
 * @Author: 李丽婷
 * @Date: 2021/1/27
 * @Time: 下午2:56
 */
@Controller
public class SysUserController {

    /**
     * 响应json
     * @param username
     * @param password
     * @param rememberMe
     * @return
     */
    @RequestMapping("/doLogin")
    @ResponseBody
    public  R  doLogin(String username,String password,boolean rememberMe){
        //不用shiro
        //sysUser.login(username,password);

        try {
            //用shiro登录
            //1,得到subject
            Subject subject = SecurityUtils.getSubject();
            //对密码加密
            password = new Md5Hash(password,username,1024).toString();
            System.out.println("密码加密后："+password);
            //2,username和password封装成usernamePasswordToken对象
            UsernamePasswordToken upt = new UsernamePasswordToken(username,password);
            //记住我
            System.out.println("rememberMe="+rememberMe);
            if (rememberMe){
                //Cookie
                upt.setRememberMe(true);//记住我' 第一步
            }

            //3,登录
            subject.login(upt);
            //shiro内部调用自定义Realm（shiro.ini）的认证(doGetAuthenticationInfo)方法


            //判断用户具不具有角色和权限的第一种方式：用java代码
            System.out.println(subject.isPermitted("sys:user:update")?"具有修改用户的权限":"不具有修改用户的权限");
            System.out.println(subject.hasRole("管理员")?"具有管理员角色":"不具有管理员");


        } catch (UnknownAccountException e) {
            //用户名不对
            return R.error("用户名不存在");
        }catch (IncorrectCredentialsException e){
            return R.error("密码不对");
        }catch (LockedAccountException e){
            return  R.error("账号被锁定异常");
        }

        return  R.ok("登录成功");

    }

    /**
     * 响应页面
     * @param username
     * @param password
     * @param rememberMe
     * @return
     */
    @RequestMapping("/doLogin1")
    public  String doLogin1(String username,String password,boolean rememberMe){
        //不用shiro
        //sysUser.login(username,password);
        Session session = null;
        try {
            //用shiro登录
            //1,得到subject
            Subject subject = SecurityUtils.getSubject();
            //得到会话
            session =  subject.getSession();
            //对密码加密
            password = new Md5Hash(password,username,1024).toString();
            System.out.println("密码加密后："+password);
            //2,username和password封装成usernamePasswordToken对象
            UsernamePasswordToken upt = new UsernamePasswordToken(username,password);
            //记住我
            System.out.println("rememberMe="+rememberMe);
            if (rememberMe){
                //Cookie
                upt.setRememberMe(true);//记住我' 第一步
            }

            //3,登录
            subject.login(upt);


            //shiro内部调用自定义Realm（shiro.ini）的认证(doGetAuthenticationInfo)方法
             session.setAttribute("username",username);
            return  "/index.jsp";
        } catch (Exception e) {

            session.setAttribute("error",e.getMessage());
        }

        return  "/login.jsp";

    }

    @RequestMapping("/logout")
    @ResponseBody
    public R  logout(){
        //1.得到subject
        Subject subject = SecurityUtils.getSubject();
        //2.退出
        subject.logout();

       return  R.ok("退出成功");

    }


}
